Google Cloud Platform VPC Out-of-the-box Data Collection Integration


To learn more about Out-of-the-box Integrations and their benefits, please refer to this article.
In this article, you will find out how to configure Google Cloud Platform (GCP) VPC to pull and collect data from your network in the form of logs, and have it sent to Lumu to be analyzed to improve the monitoring and response capabilities of your organization.

Requirements

  1. A GCP Virtual Private Cloud. To learn more, refer to the GCP official documentation.
  2. A Google Cloud project. If you do not have one, please follow the official Google Cloud tutorial.
  3. An active Lumu Defender/Lumu Insights subscription 

Lumu paid customers can unlock the full power of our Out-of-the-box integrations; however, Lumu Free customers can also enjoy their benefits with a few limitations. Take a look at our website and our documentation to learn more about our subscription tiers.

Configure Google Cloud Projects 

Google Cloud services allow managing APIs, adding and removing collaborators, and managing permissions for Google Cloud resources. This section covers the configuration you need to complete in GCP to activate the OOTB integration.

Google Cloud stores logs in a general storage utility per project. This means that all the DNS zones and VPCs that are part of a cloud project may generate and save different sorts of logs, including but not limited to TCP/UDP packets, DNS queries or DNS packets, and these will be reflected in your logging explorer utility.


Bear in mind that two different projects will have two different logging buckets. To retrieve logs from both of them, you must set up two OOTB Lumu integrations, one per project.

Enabling logs for your VPC network

You will need to enable DNS logging on your VPC network. Once done, you should see the DNS policy available in your VPC network details.


IAM configuration

You must create a new service account and a new IAM role, which must be a “Logs Viewer” role. Then go to your IAM permissions section and add the role to the service account you just created.
It is vital to create an account key for this service account and download it as a JSON file; you will need it later to create the OOTB integration.

Once added, you should see the service account in the principals' permissions details.
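The following check is an added example, not part of the Lumu or Google documentation: it confirms that the downloaded JSON key belongs to the intended project and that its service account holds only the Logs Viewer role (`roles/logging.viewer`). It assumes the policy text is the output of `gcloud projects get-iam-policy PROJECT_ID --format=json`; the project name, account name and sample data are constructed.

```python
import json

LOGS_VIEWER = "roles/logging.viewer"  # role ID of the predefined "Logs Viewer" role
KEY_FIELDS = ("type", "project_id", "private_key_id", "private_key", "client_email")

def audit_integration_credentials(key_text, policy_text, project_id):
    """Return findings for a key file and IAM policy export; an empty list means both match."""
    try:
        key = json.loads(key_text)
        policy = json.loads(policy_text)
    except json.JSONDecodeError as exc:
        return ["input is not valid JSON: " + exc.msg]
    if not isinstance(key, dict) or not isinstance(policy, dict):
        return ["key file and policy must both be JSON objects"]
    findings = []
    missing = [f for f in KEY_FIELDS if not key.get(f)]
    if missing:
        findings.append("key file is missing fields: " + ", ".join(missing))
    if key.get("type") != "service_account":
        findings.append("key type is not service_account")
    if key.get("project_id") != project_id:
        findings.append("key belongs to project %r, not %r" % (key.get("project_id"), project_id))
    # Collect every project-level role bound to this key's service account.
    member = "serviceAccount:" + str(key.get("client_email", ""))
    roles = sorted(b.get("role", "") for b in policy.get("bindings", [])
                   if member in b.get("members", []))
    if LOGS_VIEWER not in roles:
        findings.append("service account is not bound to " + LOGS_VIEWER)
    findings += ["excess role on service account: " + r for r in roles if r != LOGS_VIEWER]
    return findings

# Constructed sample data (hypothetical project and account names, placeholder key material).
SAMPLE_KEY = json.dumps({
    "type": "service_account",
    "project_id": "example-project",
    "private_key_id": "0000placeholder",
    "private_key": "<placeholder, not a real key>",
    "client_email": "lumu-logs@example-project.iam.gserviceaccount.com",
})
SA = "serviceAccount:lumu-logs@example-project.iam.gserviceaccount.com"
POLICY_OK = json.dumps({"bindings": [{"role": LOGS_VIEWER, "members": [SA]}]})
POLICY_WIDE = json.dumps({"bindings": [
    {"role": LOGS_VIEWER, "members": [SA]},
    {"role": "roles/editor", "members": [SA, "user:admin@example.com"]},
]})

if __name__ == "__main__":
    for name, policy in (("ok", POLICY_OK), ("wide", POLICY_WIDE)):
        print(name, audit_integration_credentials(SAMPLE_KEY, policy, "example-project"))
```

The check only sees project-level bindings; roles inherited from a folder or organization do not appear in this export.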


Add Integration

To start collecting data from the GCP VPC, it is necessary to configure the Lumu integration using the values obtained in the first section of this article. Here, you will find instructions on how to configure each of these parameters.
1. Log in to your Lumu account through the Lumu Portal and navigate to the integrations screen. Locate the GCP VPC Data Collection integration in the available apps area and click to add it. Then click to view details.


2. Familiarize yourself with the integration details available in the app description. Click the button below to add the integration.


3. Assign an identifiable name to the integration. By default, this integration will be tagged as unlabeled activity; however, you can select a label of your preference for additional visibility. 
It is always recommended to assign a label to prioritize findings within the traffic of your organization. To learn more, refer to our article about Labels.


4. Add the GCP credentials: Google Cloud Project ID and Service Account Key. These parameters were obtained in the steps of the Configure Google Cloud Projects section. Now select “Activate”.


5. The integration is now created and active. You can find the integration and some additional details by going to the Configured Apps section and looking for the available apps.

